9 things retailers need to know about data breaches
Verizon is out with its annual cyber security report and while the findings are disturbing the good news is that retailers can thwart many a breach attempt by focusing on a handful of basic attack patterns.
Verizon's "2015 Data Breach Investigations Report," reveals that cyberattacks are becoming increasingly sophisticated, but many criminals still rely on decades-old techniques such as phishing and hacking. In fact, 70% of cyberattacks use a combination of these techniques and involve a secondary victim which adds complexity to a breach, according to the report.
"We continue to see sizable gaps in how organizations defend themselves," said Mike Denning, vice president of global security for Verizon Enterprise Solutions. "While there is no guarantee against being breached, organizations can greatly manage their risk by becoming more vigilant in covering their bases. This continues to be a main theme, based on more than 10 years of data from our 'Data Breach Investigations Report' series."
This year's report offers an in-depth look at the cybersecurity landscape, including an overview of mobile security, Internet of Things technologies and the financial impact of a breach. One of the key conclusions is that nine basic patterns account for roughly 96% of analyzed security incidents.
Verizon security researchers analyzed 2,100 confirmed data breaches and nearly 80,000 security incidents in the firm’s 2015 Data Breach Investigations Report and identified the following as common sources of attack:
- Miscellaneous errors, such as sending an email to the wrong person
- Crimeware (various malware aimed at gaining control of systems)
- Insider/privilege misuse
- Physical theft/loss
- Web app attacks
- Denial-of-service attacks
- Point-of-sale intrusions
- Payment card skimmers
As in prior reports, this year's findings pointed out what Verizon researchers call the "detection deficit" – the time that elapses between a breach occurring until it's discovered. Sadly, in 60% of breaches attackers are able to compromise an organization within minutes, according to Verizon.
Naturally, a more vigilant approach to cyber security is good place to start, or channel greater efforts, especially since many defense tactics are readily available. For example, a troubling area singled out in this year's report is that many existing vulnerabilities remain open, primarily because security patches that have long been available were never implemented. In fact, many of the vulnerabilities are traced to 2007 – a gap of almost eight years, according to Verizon.
Other recommendations contained in the report to enhance cybersecurity are focused on; making people the first line of defense, keeping data on a need-to-know basis, patching promptly, encrypting sensitive data, using two-factor authentication and maintaining physical security. Now in its eighth year of publication, the report and additional resources supporting the research are available on the DBIR Resource Center.
Foot Locker launches mobile app — with sneaker emoji
New York — Foot Locker has launched its first smartphone mobile application for iOS and Android, along with 85 “Shoemoji” sneaker replica emoticons. The emoticons allow customers to share their love of sneakers in a visual way. They can also show off some of their favorite styles with the new Shoemojis.
Specifically designed to enhance consumers' digital experience with the Foot Locker brand, the app allows customers to browse upcoming new sneakers due for release, which Foot Locker locations will carry the shoes, and when they are available for purchase.
"We are very excited to introduce our first smartphone application," said Stacy Cunningham, executive VP of marketing for Foot Locker. "We know how important phones are in our customers' lives and we always want to offer them a premium experience with Foot Locker wherever they may be. We believe that the Foot Locker app, along with the introduction of Shoemoji, is another great way for us to provide that experience."
In addition to Shoemoji, the App features such functionalities as a release calendar that provides information on hot, new releases. Users can also select a specific sneaker release and add it to their iCalendar or Google calendar.
Sprouts Farmers Market completes new credit facility
Phoenix — Sprouts Farmers Market said it has completed a new five-year, $450 million revolving credit facility to replace its existing term loan and revolving credit facility.
The company will utilize the initial drawing of $260 million under the new credit facility to pay off its existing $258 million term loan and transaction costs associated with the refinancing. Upon the completion of refinancing, Sprouts will have approximately $260 million of total debt and $2.5 million of letters of credit outstanding under the new facility, which will mature on April 17, 2020.
"This refinancing reflects the significant progress we have made in deleveraging the company," said Amin Maredia, CFO of Sprouts Farmers Market, which operates some 200 stores. "While we plan to continue to self-fund our targeted 14 percent unit growth, this new facility preserves Sprouts' financial flexibility and reduces our ongoing debt service expense."